The Internet Archive, a popular digital library known for its Wayback Machine, was hacked and suffered a data breach that exposed approximately 31 million user accounts.
Founder Brewster Kahle confirmed in a post on X (formerly Twitter) that a cyberattack knocked the website offline, and that usernames, emails and encrypted passwords were compromised.
Yesterday’s DDOS attack on @internetarchive repeated today. We are working to bring https://t.co/Hk02WjumkL back online.
— Brewster Kahle (@brewster_kahle) October 9, 2024
Services are currently stopped to upgrade internal systems,” Kahle wrote in a Thursday update. “We are working to restore services as quickly and safely as possible. Sorry for this disruption.”
Update: @internetarchive’s data has not been corrupted. Services are currently stopped to upgrade internal systems.
We are working to restore services as quickly and safely as possible.
Sorry for this disruption.
— Brewster Kahle (@brewster_kahle) October 10, 2024
What we know of the attack:
Users noticed that something was wrong when a strange message popped up on Internet Archive earlier this week, which read:
“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”
HIBP, which is short for “Have I Been Pwned,” is a website that allows users to check if their personal information, such as email addresses and passwords, has been exposed in a data breach.
Although hackers disrupted access to the Internet Archive this week, security expert Troy Hunt clarified on X that the actual data breach most likely occurred more than a week ago.
Let me share more on the chronology of this:
30 Sep: Someone sends me the breach, but I’m travelling and didn’t realise the significance
5 Oct: I get a chance to look at it – whoa!
6 Oct: I get in contact with someone at IA and send the data, advising it’s our goal to load…— Troy Hunt (@troyhunt) October 9, 2024
Hunt claimed that he first received information about a potential breach on September 30th, but did not analyze it until October 5th, after which he notified the Internet Archive and updated the HIBP site.
He additionally suggested that “multiple parties: might be involved in the disruptions, highlighting that “when we’re talking breach + defacement + DDoS, it’s clearly not just one attack.”
A hacktivist group called SN_BLACKMETA has claimed responsibility for the attack.
Established in 1996, the Internet Archive is a non-profit that provides free access to millions of videos, books, audio files and photos to users.
Leave feedback about this